Western Digital MyCloud NAS Remote Command Injection Vulnerability (CNVD-2017-00115)

Western Digital MyCloud NAS is a personal cloud storage device. Western Digital MyCloud NAS version 2.11.142 has a remote command injection vulnerability in index.php, which allows an attacker to execute arbitrary commands with root privileges via a cookie header...

Western Digital My Cloud Products Multiple Remote Command Injection Vulnerabilities (Dec 2016) - Active Check

Western Digital My Cloud Products are prone to multiple remote command injection vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...

CVE-2016-10107

Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 index.php page via a modified Cookie header...

CVE-2016-10108

Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 /web/googleanalytics.php URL via a modified arg parameter in the POST data...

Debian Remote Command Injection Vulnerability

Debian is a free operating system created by the Debian Project Collaboration with Linux or FreeBSD as its kernel. A remote command injection vulnerability exists in Debian. Allows an attacker to execute arbitrary commands with user privileges in the context of an affected application...

Nagios Core Remote Command Injection Vulnerability

Nagios is an American programmer Ethan Galstad developed a set of open source system status and network information monitoring program. The program provides network service monitoring, host resource monitoring, SMS alerts and other functions. A remote command injection vulnerability exists in...

NetGear lot of router remote command injection vulnerability analysis(Update Patch analysis)-vulnerability warning-the black bar safety net

0x01 introduction Two days before the NTP just doing the complete thing, the NetGear routerNETGEAR routerand to engage in things of T. T. The current CERT in the last week, five have issued a notice,“if the user comes to the router, it is recommended to stop use until the official release of the...

NetGear R series multi-router remote command injection vulnerability analysis-vulnerability warning-the black bar safety net

Two days before the NTP just doing the complete thing, the NetGear routerNETGEAR routerand to engage in things of T. T. The current CERT in the last week, five have issued a notice,“if the user comes to the router, it is recommended to stop use until the official release of the patch repair.” Thi...

Sophos Web Appliance 4.2.1.3 - DiagnosticTools Remote Command Injection (Metasploit)

Sophos Web Appliance 4.2.1.3 - DiagnosticTools Remote Command Injection Metasploit Exploit Title: Sophos Web Appliance diagnostictools wget Remote Command Injection Vulnerablity Date: 12/12/2016 Exploit Author: xort @ Critical Start Vendor Homepage: www.sophos.com Software Link:...

IBM BigFix Platform Remote Command Injection Vulnerability (swg21993206)

IBM BigFix Platform is prone to a remote command injection vulnerability. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is fr...

IBM BigFix Platform 9.x < 9.5.3 Remote Command Injection

According to its self-reported version, the IBM BigFix Platform application running on the remote host is 9.x prior to 9.5.3. It is, therefore, affected by a command injection vulnerability in the Web Reports component. An unauthenticated, remote attacker can exploit this to inject commands that...

Trend Micro Smart Protection Server Exec Remote Code Injection Exploit

This Metasploit module exploits a vulnerability found in TrendMicro Smart Protection Server where untrusted inputs are fed to ServWebExec system command, leading to command injection. Please note: authentication is required to exploit this vulnerability. This module requires Metasploit:...

Eir D1000 Wireless Router - WAN Side Remote Command Injection (Metasploit) Exploit

Exploit for hardware platform in category remote exploits Exploit Title: Eir D1000 Wireless Router - WAN Side Remote Command Injection Date: 7th November 2016 Exploit Author: Kenzo Website: https://devicereversing.wordpress.com Tested on Firmware version: 2.00AADU.520150909 Type: Webapps Platform...

IBM BigFix Platform Remote Command Injection Vulnerability

IBM BigFix Platform formerly known as IBM Endpoint Manager, Tivoli Endpoint Manager is a set of system management software from IBM in the United States. The software provides remote control, patch management, software distribution, operating system deployment, network access protection and other...

Eir D1000 Wireless Router - WAN Side Remote Command Injection (Metasploit)

Eir D1000 Wireless Router - WAN Side Remote Command Injection Metasploit =begin Exploit Title: Eir D1000 Wireless Router - WAN Side Remote Command Injection Date: 7th November 2016 Exploit Author: Kenzo Website: https://devicereversing.wordpress.com Tested on Firmware version: 2.00AADU.520150909...

Ansible Remote Command Injection Vulnerability

Ansible is a newly emerged operation and maintenance tool that is based on Python and combines the advantages of many old operation and maintenance tools to achieve batch operating system configuration, batch program deployment, batch running commands and other functions. A remote command injecti...

IBM Security Guardium Database Activity Monitor Remote Command Injection Vulnerability

IBM Security Guardium Database Activity Monitor is a database activity monitor product from IBM USA. The product provides features such as automated controls for compliance and protection against internal and external threats. A remote command injection vulnerability exists in IBM Security Guardi...

TrendMicro InterScan Web Security Virtual Appliance - &#039;Shellshock&#039; Remote Command Injection

!/usr/bin/env python TrendMicro InterScan Web Security Virtul Appliance ================================================== InterScan Web Security is a software virtual appliance that dynamically protects against the ever-growing flood of web threats at the Internet gateway exclusively designed to...

TrendMicro InterScan Web Security Virtual Appliance - Shellshock Remote Command Injection

TrendMicro InterScan Web Security Virtual Appliance - Shellshock Remote Command Injection !/usr/bin/env python TrendMicro InterScan Web Security Virtul Appliance ================================================== InterScan Web Security is a software virtual appliance that dynamically protects...

IBM Security Access Manager for Web Remote Command Injection Vulnerability

IBM Security Access Manager ISAM for Web formerly known as IBM Tivoli Access Manager for e-business is a suite of IBM products for user authentication, authorization, and Web single sign-on solutions that provide user access management and Web application protection Functions. A remote command...